When the scan is finished, the "Scan" button will change into a "Save Log" button.Press that, save the log, Ctrl-A to Select All, and copy its contents here. Most of what it lists will be harmless or even essential, don't fix anything yet.

(You should now be able to clear the hidden contents of the AppInit_DLLs value in the right pane without being undone by the hidden process.)

DoubleClick "Appinit_Dlls" value on right pane and erase the data on the lower box (in value field):

"C:\WINDOWS\System32\comc.dll", hit 'apply' and 'ok' to set.

Rename NotWindows back to Windows in the left pane, close Registrar Lite and reboot the computer. If all goes well the hidden process will not run at startup and you should now be able to find and *see* the comc.dll in C:\WINDOWS\System32.

Using Explorer go to your root drive: C:\ and create new folder, name it: 'Junk'. Unzip and run Winfile from here. Open it up, click File>Move...

Copy and paste this into the 'From' box: C:\WINDOWS\System32\comc.dll Copy and paste this into the 'To' box: C:\Junk\comc.dll

Hit OK. Close Winfile and check in C:\Junk for that file - let me know what's there. If it's there, rerun CWShredder, hit 'fix' as opposed to 'scan only'. Reboot when done. Run HJT and post a new log for the final steps.

That's better, nearly there. Set up Ad-Aware like this - before scanning click on "check for updates now" to make sure you have the latest reference file. Then click the gear wheel at the top and check these options:

Click "Proceed" to save your settings, then click "Start", make sure "Activate in-depth scan" is ticked green then scan your system. When the scan is finished, the screen will tell you if anything has been found, click "Next". The bad files will be listed, right click the pane and click "Select all objects" - this will put a check mark in the box at the side, click "Next" again and click "OK" at the prompt "# objects will be removed. Continue?".

Reboot when done.

Create a new folder called C:\HijackThis, move the HijackThis.exe file into the new folder and run it from there. This is necessary to ensure you have backups should anything go wrong.

Make sure that you have no browser windows open as this could prevent the fix from working properly. Open HijackThis, scan and when complete, remove the following entries (if still there) by checking the box to the left and clicking 'fixed checked':

Try this - boot into Safe Mode by tapping F8 after the BIOS has loaded. Right-click on the C:\Junk\comc.dll go to the Security tab>advanced and take ownership giving yourself 'Full control' (preferably to Administrators 'group'). Right-click the C:\Junk folder and hit properties. Click on security tab then the advanced button. Check the box that says reset permissions on all child objects. Hit apply.

You should now be able to delete the file and folder. Let me know how you get on.

It allowed me to delete it. Everything seems to be working okay. Thanks so much for all your help. Hopefully, this will be it, but I'm sure CWS will keep mutating. It's times like this when I wish you could really do things the way they do in movies or games. I'd love to send a virus that would blow up the computer of the creator of CWS! Oh well, I guess that can be my "happy thought" for a while.

Right Click on the purple Windows folder in the left pane.Select 'Properties'.Press 'Permissions'.Press 'Advanced'.Remove Check Mark from 'Inherit permissions...'.Press 'Copy'.Highlight the group 'Everyone' (note: if this group does not exist then exit Reglite)Select 'Remove'.Press 'Apply' and 'OK' on all dialog boxes.

As this problem has been resolved the topic will be closed. If you need this topic reopened, please click here to email the moderating team - be sure to include the address of the thread and the name you posted under.